What is Multifactor Authentication and why should we use it?
Multifactor Authentication (MFA) is a security feature, which adds a layer of protection when accessing your UL account remotely. Recently, hackers have targeted higher education institutions by using fraudulently acquired credentials to acquire sensitive and personal information from users. Multifactor authentication is an effective control to help prevent these type of attacks.
How does Multifactor Authentication work?
Multifactor Authentication (MFA) works by requesting a second factor of authentication to verify your identity with something you know (UL username & password) in addition to something only you have (your mobile phone, on which you will receive a login confirmation notice via an app).
What this means for me?
You will be required to use MFA to access Microsoft Services (Email, OneDrive for Business and Teams) & Sulis off-campus. ITD have plans to implement MFA on all IT services provided by ITD.
Once you are registered for MFA and you want to access Office 365 services (Email, OneDrive for Business and Teams) or Sulis off-campus, you will be requested to provide a second factor of authentication for that device and for every Microsoft application you launch, i.e., Outlook, Teams and OneDrive for Business. This means you will need to verify your authentication via your mobile phone (simply tap Approve when prompted).
If you want to access Microsoft Services via the Microsoft 365 Portal using a Web Browser, you should select the “Don’t ask me again for xx days” option on the screen when prompted. This setting should only be enabled on UL-managed devices, and ITD do not recommend using public computers such as in cafes or hotel foyers to access UL services or data including email. See FAQ’s for further details.
Your device will then be trusted for 60 days and you will not be requested for your second factor of authentication on that device again until that time period expires.
If your access Microsoft services / Sulis on multiple devices, this verification process will be repeated for each device.
What is Self-Service Password Reset (SSPR)?
Self-Service Password Reset (SSPR) enables you to reset your UL computer account password (e.g. your UL email or Sulis password) anywhere anytime without the need to contact our Service Desk. Self-Service Password Reset can be used when you have forgotten your password, your password has expired, you wish to reset/change your current password, or you want to unlock your account.
SSPR is available 24 x 7, however, you have to register for both Multifactor Authentication (MFA) and SSPR before you can use this method to reset your password.
What are the recommended password characteristics?
The UL Password Standards describes the characteristics of a valid password.
|Authenticator app||Multi-Factor Authentication (MFA) and for Self Service Password Reset (SSPR)|
|Text Messages||Multi-Factor Authentication (MFA) and for Self Service Password Reset (SSPR)|
|Phone Calls||Multi-Factor Authentication (MFA) and for Self Service Password Reset (SSPR)|
|Email Account||Self Service Password reset authenticationnn only. You'll need to choose another method for Multi-Factor Authentication|
Users are not charged for SMS messages or phone calls, unless they are in a foreign country, where the phone carrier applies charges to receive an SMS message or phone call.
Commence the registration process by visiting https://portal.office.com The username is your UL email address (i.e. email@example.com or firstname.lastname@example.org) and the password is your UL email password. You will be asked to register a secondary factor for your account. Click Next. You will be presented with the registration wizard below. Select “I want to set up a different method”
When you install the Authenticator app you need to allow it to access your camera so it can scan the QR code when registering for MFA.